preloader
TRAINING

Our IQ Workshops and Seminars

PCI DSS standard training course. V. 4.0

Our schedule for 2023:
March 7th, 8th, 9th and 10th
June 6th, 7th, 8th and 9th
August 8th, 9th, 10th, and 11th
October 3, 4th, 5th y 6th

QSA Latinoamérica y el Caribe

PCI DSS standard training course. V. 4.0

The PCI DSS course has a duration of sixteen (16) hours. Its objective is for the attendee to understand the card payment ecosystem, the most relevant aspects of the transition from version 3.2.1 to version 4.0, the requirements of the PCI DSS v. 4.0 standard and how they apply to the technological infrastructure of the entity and impact regulatory compliance.

Objective

This course lets you learn about the card payment industry, the compliance requirements for businesses and service providers, the requirements of the standard and its application according to your organization’s role in the industry (business, service provider – Call Center, issuer, processor etc).

Target Audience:

Risk and compliance personnel; information security, auditing, information technology, projects and other officials with responsibility or interest in risk management and compliance with the entity’s standards.

General contents:

Module 1 – Means of payment and the PCI DSS standard.

  • Justification of the PCI DSS standard.
  • Payment industry terminology.
  • Actors in the means of payment with cards.

Module 2 – General changes in version 4.0.

  • Timeline for the transition from 3.2.1 to 4.0.
  • Personalized approach
  • Compensating controls and prioritized approach

Module 3 – Scope of the PCI DSS Assessment

  • Information Flows
  • Technology infrastructure involved
  • Methods to reduce scope.
  • Scope definition workshop and controls involved.

Module 4 – PCI DSS Requirements.

  • PCI DSS General Information
  • PCI DSS Requirements
  • Priorities for compliance with the requirements

Module 5 – PCI DSS compliance.

  • PCI Compliance Process
  • Compliance requirements for brands

Deliverable:

  • Course material in PDF.
  • Four four (4) hour sessions with a remote instructor.
 

Secure Development: Secure software development training course

Coming soon

Scan de vulnerabilidad,  infraestructura

24-hour duration

Objective:

  • Evaluate the threats facing the applications
  • Identified market standards or regulation for electronic commerce
  • Be familiar with some authentication mechanisms and their associated problems
  • Identify the necessary requirements to authorise the applications
  • Recognise the principal security failures associated with data validation
  • Identify the mechanisms for exploiting the injection of the SQL code
  • Identify the requirements for handling errors and auditing registries
  • Understand how the different cipher techniques work
  • Be familiar with good practices for administration interfaces and/or applications configuration
  • Be familiar with the mechanisms used to obtain a denial of services and methods to protect yourself

Target Audience:

Software developers

General contents:

  • Module 1:  Introduction
  • Module 2:  Phishing and Web Services
  • Module 3:  Secure Coding – Authentication and Authorisation
  • Module 4:  Secure Coding – Session Handling
  • Module 5:  Secure Coding – Data Validation
  • Module 6:  Secure Coding – Injection
  • Module 7:  Secure Coding – Unicode
  • Module 8:  Secure Coding – Error Management and Auditing
  • Module 9:  Secure Coding – Filing System
  • Module 10:  Secure Coding – Memory Overflow
  • Module 11:  Secure Coding – Cryptography
  • Module 12:  Secure Coding – Administrative Interfaces and Configuration
  • Module 13:  Secure Coding – Management and Denial of Service
  • Module 14:  Code Review

I would like to Attend the Workshops and Seminars